Monday, June 12, 2017

Safari’s Intelligent Tracking Prevention

Natasha Lomas (via Hacker News):

The feature will use machine learning technology to power tracker blocking in a bid to outwit the digital stalkers, according to Federighi.

“Safari uses machine learning to identify trackers, segregate the cross-site scripting data, put it away so now your privacy — your browsing history — is your own,” he explained.

“It’s not about blocking ads, the web behaves as it always did, but your privacy is protected,” he added.

John Wilander:

A machine learning model is used to classify which top privately-controlled domains have the ability to track the user cross-site, based on the collected statistics. Out of the various statistics collected, three vectors turned out to have strong signal for classification based on current tracking practices: subresource under number of unique domains, sub frame under number of unique domains, and number of unique domains redirected to. All data collection and classification happens on-device.

[…]

If the user has not interacted with example.com in the last 30 days, example.com website data and cookies are immediately purged and continue to be purged if new data is added.

However, if the user interacts with example.com as the top domain, often referred to as a first-party domain, Intelligent Tracking Prevention considers it a signal that the user is interested in the website and temporarily adjusts its behavior as depicted in this timeline[…]

[…]

If you run a single sign-on system with a centralized session, the user needs to interact with the domain that controls the session. Otherwise you run the risk of Intelligent Tracking Prevention treating your session controller domain as a tracker.

Update (2017-06-28): See also: Hacker News.

Update (2018-04-17): John Wilander:

The biggest update to ITP so far is the introduction of the Storage Access API which provides a mechanism for embedded third-party content to get out of cookie partitioning through user interaction. In addition to the Storage Access API, ITP 1.1 includes two behavior changes described below.

4 Comments RSS · Twitter

[…] Previously: Safari’s Intelligent Tracking Prevention. […]

[…] find Safari’s privacy options very empowering. There are lots of features to protect your from the sites you visit, but that’s only half the story. Safari’s user interface doesn’t mention which […]

[…] Previously: Safari’s Intelligent Tracking Prevention. […]

[…] Safari’s Intelligent Tracking Prevention […]

Leave a Comment